Given the difficulty of trusting auditors and ensuring they see all
   they need to see, why not push instead for crypto FPGA: consuner
   hardware, widely available. Probably hard to dope-trojan without
   breaking, and cleverly random allocation of transistors to the HWPRNG
   could mitigate.
   An open fpga with an open stack would not only be more trustworthy for
   crypto, I think it'd help legitimise and pave way for small-batch ASIC,
   too.

   On 5 November 2014 08:41:54 GMT+00:00, coderman <coderman@gmail.com>
   wrote:

On 11/4/14, Bryan Bishop <kanzure@gmail.com> wrote:

     ...
     Are there any open-source ASICs for wifi, bluetooth, gsm, cdma, or
     other communication chips?

     build in array of direct quadrature modulator circuits (RFIC) in the
     desired bands for software stacks across all of the above. that gets
     you performance and efficiency, all in one! (or many, as it were)
     there are open source SDR stacks for some of the above, however,
     traditional SDR as crudely shoved into a SoC would not work so well.
     this is a longer discussion, of course :)

     I would appreciate any references or links you can provide me to
     working chains of custody and their threat models. I am curious to
     see
     what a good one looks like.

     a trusted set of auditors is on premise able to observe the wafer
     processing, litho, etc. to die prep and packing, with device testing
     results for each core attached.
     packages collected till end of run, then trusted auditors depart
     with
     the set of presumably trusted fabrication parts.

     I think that chain of custody is going to
     be problematic because of dopant-level trojans,...

     the selective FIB deconstruction to verify, along with constructions
     resistant to stealthy dopant tampering, could leave you more
     confident
     that the set of chips so run were not surreptitiously tampered with.
     obviously, if chain of custody ever broken, the chips become
     suspect.
     this is all an amusing thought exercise, given the complete lack of
     anything remotely as hard to run software wise on top of this
     idealistic open soc :)
     best regards,

   --
   Sent from my Android device with K-9 Mail. Please excuse my brevity.